Showing 1 - 6 of 6

CVE-2019-13636

Status Candidate

Overview

In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.

Red Hat Security Advisory 2020-1852-01: Posted Apr 28, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-1852-01 - The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file.; tags | advisory; systems | linux, redhat; advisories | CVE-2019-13636; SHA-256 | 2d80137633d314ee426cbb60738dbb714b12e2a48956ae50eb34bc05ea204a28; Download | Favorite | View

Gentoo Linux Security Advisory 201908-22: Posted Aug 19, 2019; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201908-22 - Multiple vulnerabilities have been found in Patch, the worst of which could result in the arbitrary execution of code. Versions less than 2.7.6-r4 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2019-13636, CVE-2019-13638; SHA-256 | 6f447b44bb4214475ce239876d771d1fa9336181e808c8f24d80e42adab348e3; Download | Favorite | View

GNU patch Command Injection / Directory Traversal: Posted Aug 16, 2019; Authored by Imre Rad; GNU patch suffers from command injection and various other vulnerabilities when handling specially crafted patch files.; tags | exploit, vulnerability; advisories | CVE-2018-1000156, CVE-2018-20969, CVE-2019-13636, CVE-2019-13638; SHA-256 | 46e27d51accb7a7405dd3c34e724a12c052ab52ecfe5b3acffb883ba165d5e6b; Download | Favorite | View

Debian Security Advisory 4489-1: Posted Jul 28, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4489-1 - Imre Rad discovered several vulnerabilities in GNU patch, leading to shell command injection or escape from the working directory and access and overwrite files, if specially crafted patch files are processed.; tags | advisory, shell, vulnerability; systems | linux, debian; advisories | CVE-2019-13636, CVE-2019-13638; SHA-256 | 629bdd444567253abe16946a2abbf219c2b6e287a64661215bc9b20cf3983ebc; Download | Favorite | View

Ubuntu Security Notice USN-4071-2: Posted Jul 25, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4071-2 - USN-4071-1 fixed several vulnerabilities in Patch. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.; tags | advisory, vulnerability; systems | linux, ubuntu; advisories | CVE-2019-13636, CVE-2019-13638; SHA-256 | 0b7c4a198db51cde30cce47cc6a0ae95e2c18bd207868b3dc0dab1fbed99adb0; Download | Favorite | View

Ubuntu Security Notice USN-4071-1: Posted Jul 24, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4071-1 - It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-13636, CVE-2019-13638; SHA-256 | bb6be6ae6ab1c6d02ca25c70421ee7d9fb0267f22a1d62dae05ce539135a8dc1; Download | Favorite | View

Page 1 of 1 Back 1 Next